keystone/containers: Add support for fernet keys
[apex-tripleo-heat-templates.git] / docker / services / keystone.yaml
index 358277a..3f8baef 100644 (file)
@@ -30,6 +30,12 @@ parameters:
     description: The password for the keystone admin account, used for monitoring, querying neutron etc.
     type: string
     hidden: true
+  KeystoneTokenProvider:
+    description: The keystone token format
+    type: string
+    default: 'uuid'
+    constraints:
+      - allowed_values: ['uuid', 'fernet']
 
 resources:
 
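Review bot: The description on `KeystoneTokenProvider` does not tell an operator that choosing 'fernet' makes the fernet key files mandatory. The kolla_config hunk later in this commit sets `optional` to false for `/etc/keystone/fernet-keys/0` and `/1` when the value is 'fernet', so a deployment without those keys staged would presumably stop at the container's config copy. I would spell that out, e.g. `description: The keystone token format. 'fernet' requires fernet keys 0 and 1 to be staged under the kolla config source path.` If KeystoneBase declares the same parameter (not visible here), its default and allowed values need to stay identical to these, otherwise the condition in this file and the generated keystone configuration can disagree.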
@@ -40,6 +46,9 @@ resources:
       ServiceNetMap: {get_param: ServiceNetMap}
       DefaultPasswords: {get_param: DefaultPasswords}
 
+conditions:
+  keystone_fernet_tokens: {equals: [{get_param: KeystoneTokenProvider}, "fernet"]}
+
 outputs:
   role_data:
     description: Role data for the Keystone API role.
@@ -56,15 +65,14 @@ outputs:
             - {get_attr: [KeystoneBase, role_data, step_config]}
       service_config_settings: {get_attr: [KeystoneBase, role_data, service_config_settings]}
       # BEGIN DOCKER SETTINGS
-      docker_image: &keystone_image
-        list_join:
-          - '/'
-          - [ {get_param: DockerNamespace}, {get_param: DockerKeystoneImage} ]
       puppet_config:
         config_volume: keystone
         puppet_tags: keystone_config
         step_config: *step_config
-        config_image: *keystone_image
+        config_image: &keystone_image
+          list_join:
+            - '/'
+            - [ {get_param: DockerNamespace}, {get_param: DockerKeystoneImage} ]
       kolla_config:
          /var/lib/kolla/config_files/keystone.json:
            command: /usr/sbin/httpd -DFOREGROUND
@@ -81,6 +89,16 @@ outputs:
              owner: keystone
              perm: '0600'
              source: /var/lib/kolla/config_files/src/etc/keystone/credential-keys/1
+           - dest: /etc/keystone/fernet-keys/0
+             owner: keystone
+             perm: '0600'
+             source: /var/lib/kolla/config_files/src/etc/keystone/fernet-keys/0
+             optional: {if: [keystone_fernet_tokens, false, true]}
+           - dest: /etc/keystone/fernet-keys/1
+             owner: keystone
+             perm: '0600'
+             source: /var/lib/kolla/config_files/src/etc/keystone/fernet-keys/1
+             optional: {if: [keystone_fernet_tokens, false, true]}
            - dest: /etc/httpd/conf.d/10-keystone_wsgi_admin.conf
              owner: root
              perm: '0644'
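Review bot: Only key indexes 0 and 1 are copied into `/etc/keystone/fernet-keys/`, so a key repository that has been rotated past index 1 will not fully reach the container, and tokens issued under a newer primary key elsewhere would likely fail validation here. Copying the whole `fernet-keys` directory instead of two fixed file names would keep rotation working, if the kolla config copy in use accepts a directory source (worth confirming). The `optional: {if: [keystone_fernet_tokens, false, true]}` lines read as inverted at first glance and deserve a comment above each entry such as `# key files are required only when KeystoneTokenProvider is 'fernet'`. The `0600` mode with `keystone` ownership matches the credential-keys entry above and is the right restriction for key material. The kolla_config mapping starts and ends outside this hunk.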